Minimising the risk of supply chain attacks - best practice guidelines
April 28, 2021
Justine Ceppok
Sophos
Sophos
The recent cyberattack on IT monitoring company SolarWinds put supply chain vulnerabilities in the spotlight and highlighted how unprepared many companies are when it comes to defending against supply chain attacks.
These attacks often happen because they don't know where to start or don't consider themselves important or high profile enough to be targeted.
In our new report, Minimising the Risk of Supply Chain Attacks, we clarify the confusion around these attacks. The report looks at how supply chain attacks work, best practices for countering them, and the role of technology and services in minimising the impact of such attacks.
To minimise the risk of supply chain attacks, we recommend that you
Five best practice guidelines for defending against supply chain attacks
- Shiftfrom a reactive to a proactive approach to cybersecurity. Once an attack becomes apparent, it is often too late. Assume you are always compromised and look for threats before they find you.
- Look out for early signs of compromise. In investigations by the Sophos Managed Threat Response (MTR) team, two things stand out as early signs of compromise: one is the use of credentials for remote access/administrative purposes outside of business hours, and the other is the misuse of system administration tools for monitoring.
- Review your supply chain. It can be invaluable to take the time to make a list of all the organisations you are connected to. You can then assess what kind of network access they have, what information could be accessed, and then block that access accordingly.
- Assess the security posture of your suppliers and business partners. Identify the types of certifications and audits they are subject to. There is no set number of audits that guarantees security, but it is certainly an indication that the supplier takes security seriously.
- Constantly review your own IT security hygiene. Even though your supplier's attitude is critical to protecting against supply chain attacks, don't neglect your own cybersecurity hygiene. Pay attention to this:
- Enable multi-factor authentication (MFA).
- Review your suppliers' access and application permissions
- Proactively monitor security bulletins from suppliers
- Review your cybersecurity insurance policy (if you have one)